Merge branch '8603-a15-force-verify-hosts' into 'a15' (8f264fb4) · Commits · e / os / android_frameworks_base

packages/StatementService/AndroidManifest.xml

+0 −1

Original line number	Diff line number	Diff line
		@@ -26,7 +26,6 @@
		<uses-permission android:name="android.permission.INTENT_FILTER_VERIFICATION_AGENT"/>
		<uses-permission android:name="android.permission.INTERACT_ACROSS_USERS" />
		<uses-permission android:name="android.permission.INTERNET"/>
		<uses-permission android:name="android.permission.OBSERVE_NETWORK_POLICY"/>
		<uses-permission android:name="android.permission.QUERY_ALL_PACKAGES" />
		<uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/>
		<uses-permission android:name="android.permission.UPDATE_DOMAIN_VERIFICATION_USER_SELECTION"/>

packages/StatementService/src/com/android/statementservice/StatementServiceApplication.kt

+0 −1

Original line number	Diff line number	Diff line
		@@ -29,7 +29,6 @@ class StatementServiceApplication : Application() {
		if (userManager.isUserUnlocked) {
		// WorkManager can only schedule when the user data directories are unencrypted (after
		// the user has entered their lock password.
		DomainVerificationUtils.registerNetworkPolicyListener(this)
		DomainVerificationUtils.schedulePeriodicCheckUnlocked(WorkManager.getInstance(this))
		DomainVerificationUtils.schedulePeriodicUpdateUnlocked(WorkManager.getInstance(this))
		}

packages/StatementService/src/com/android/statementservice/domain/BootCompletedReceiver.kt

+0 −1

Original line number	Diff line number	Diff line
		@@ -43,7 +43,6 @@ class BootCompletedReceiver : BroadcastReceiver() {
		override fun onReceive(context: Context, intent: Intent) {
		if (intent.action != Intent.ACTION_BOOT_COMPLETED) return
		val workManager = WorkManager.getInstance(context)
		DomainVerificationUtils.registerNetworkPolicyListener(context)
		DomainVerificationUtils.schedulePeriodicCheckUnlocked(workManager)
		workManager.beginUniqueWork(
		PACKAGE_BOOT_REQUEST_KEY,

packages/StatementService/src/com/android/statementservice/domain/DomainVerificationUtils.kt

+0 −32

Original line number	Diff line number	Diff line
		@@ -16,8 +16,6 @@

		package com.android.statementservice.domain

		import android.content.Context
		import android.net.NetworkPolicyManager
		import androidx.work.Constraints
		import androidx.work.ExistingPeriodicWorkPolicy
		import androidx.work.NetworkType
		@@ -38,9 +36,6 @@ object DomainVerificationUtils {

		private const val UPDATE_WORKER_ENABLED = false

		private val uidBlockedReasons = mutableMapOf<Int, Int>()
		private var networkPolicyListener: NetworkPolicyManager.Listener? = null

		/**
		* In a majority of cases, the initial requests will be enough to verify domains, since they
		* are also restricted to [NetworkType.CONNECTED], but for cases where they aren't sufficient,
		@@ -118,31 +113,4 @@ object DomainVerificationUtils {
		}
		}
		}

		fun getUidBlockedReasons(uid: Int) : Int? {
		return uidBlockedReasons[uid]
		}

		fun registerNetworkPolicyListener(context: Context) {
		if (networkPolicyListener != null) {
		unregisterNetworkPolicyListener(context)
		}
		networkPolicyListener = object : NetworkPolicyManager.Listener() {
		override fun onBlockedReasonChanged(
		uid: Int,
		oldBlockedReasons: Int,
		newBlockedReasons: Int
		) {
		uidBlockedReasons[uid] = newBlockedReasons
		}
		}
		val networkPolicyManager = context.getSystemService(NetworkPolicyManager::class.java)
		networkPolicyManager?.registerListener(networkPolicyListener)
		}

		private fun unregisterNetworkPolicyListener(context: Context) {
		val networkPolicyManager = context.getSystemService(NetworkPolicyManager::class.java)
		networkPolicyManager?.unregisterListener(networkPolicyListener)
		networkPolicyListener = null
		}
		}

packages/StatementService/src/com/android/statementservice/domain/DomainVerifier.kt

+0 −12

Original line number	Diff line number	Diff line
		@@ -17,10 +17,7 @@
		package com.android.statementservice.domain

		import android.content.Context
		import android.content.pm.PackageManager
		import android.content.pm.verify.domain.DomainVerificationManager
		import android.net.ConnectivityManager.BLOCKED_REASON_APP_BACKGROUND
		import android.net.ConnectivityManager.BLOCKED_REASON_NONE
		import android.net.Network
		import android.util.Log
		import androidx.collection.LruCache
		@@ -95,15 +92,6 @@ class DomainVerifier private constructor(
		val assetMatcher = synchronized(targetAssetCache) { targetAssetCache[packageName] }
		.takeIf { it!!.isPresent }
		?: return Triple(WorkResult.failure(), VerifyStatus.FAILURE_PACKAGE_MANAGER, null)
		val packageUid = appContext.packageManager.getPackageUid(
		packageName,
		PackageManager.PackageInfoFlags.of(0)
		)
		// Fail if no blocked reason is set or for any reason other than APP_BACKGROUND and NONE
		if (DomainVerificationUtils.getUidBlockedReasons(packageUid)
		?.and(BLOCKED_REASON_APP_BACKGROUND.inv())?.and(BLOCKED_REASON_NONE.inv()) != 0) {
		return Triple(WorkResult.failure(), VerifyStatus.NO_RESPONSE, null)
		}
		return verifyHost(host, assetMatcher.get(), network)
		}